Network Vulnerabilities and Attacks Dr. John Abraham UTPA.

Slides:

Advertisements

Similar presentations

Ethical Hacking Module VII Sniffers.

Advertisements

Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.

Lesson 3-Hacker Techniques

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.

Network Attacks Mark Shtern.

Security Awareness Chapter 5 Wireless Network Security.

Introduction to Security Computer Networks Computer Networks Term B10.

Presented by Serge Kpan LTEC Network Systems Administration 1.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Security+ Guide to Network Security Fundamentals, Third Edition

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World

Sniffing the sniffers - detecting passive protocol analysers John Baldock, Intel Corp Craig Duffy, Bristol UWE.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Demonstrating HTTP Session Hijacking through ARP Cache Poisoning and Man-in-the-Middle Attack and exploring HTTPS and VOIP session vulnerabilities Mainuddin.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Networking Components

Chapter Threats in Networks Network Security / G. Steffen.

Layer 2 Security – No Longer Ignored Security Possibilities at Layer 2 Allan Alton, BSc CISA CISSP NetAnalyst UBC October 18, 2007.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

Security+ All-In-One Edition Chapter 13 – Specific Attacks Brian E. Brzezicki.

And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.

1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 8 – Denial of Service.

Computer Security and Penetration Testing

Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.

Wireless Network Security Dr. John P. Abraham Professor UTPA.

BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.

Address Resolution Protocol(ARP) By:Protogenius. Overview Introduction When ARP is used? Types of ARP message ARP Message Format Example use of ARP ARP.

This courseware is copyrighted © 2015 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.

Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:

Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.

Drive-by pharming is an interesting type of networking attack that combines multiple networking vulnerabilities and average user laziness to create an.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Wireless Networking & Security Greg Stabler Spencer Smith.

Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.

Secure Wired Local Area Network( LAN ) By Sentuya Francis Derrick ID Module code:CT3P50N BSc Computer Networking London Metropolitan University.

Network Attacks CS432 - Security in Computing

Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.

Components of wireless LAN & Its connection to the Internet

A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.

ISACA – Charlotte Chapter June 3, 2014 Mark Krawczyk, CISA, CISSP, CCNA.

Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.

Security fundamentals Topic 6 Securing the network infrastructure.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 4 Network Vulnerabilities and Attacks.

Ingredients of Security

Security fundamentals Topic 1 Addressing security threats and vulnerabilities.

DIYTP Network Basics  How do computers communicate?  Network Interface Card (NIC)  Media Access Control Address (MAC)  Unique to each NIC 

.  Hubs send data from one computer to all other computers on the network. They are low-cost and low-function and typically operate at Layer 1 of the.

Intro to Network Security. Vocabulary Vulnerability Weakness that can be compromised Threat A method to exploit a vulnerability Attack Use of one or more.

Networking Components Quick Guide. Hubs Device that splits a network connection into multiple computers Data is transmitted to all devices attached Computers.

Introduction to Networking. What is a Network? Discuss in groups.

FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.

Comparison of Network Attacks COSC 356 Kyler Rhoades.

SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.

Network System Security - Task 2. Russell Johnston.

A brief Description of the University Network By John G. mwangi Senior Network Administrator Jomo Kenyatta University of Agriculture and Technology.

أمن المعلومات لـ أ. عبدالرحمن محجوب حمد mtc.edu.sd أمن المعلومات Information Security أمن المعلومات Information Security  أ. عبدالرحمن محجوب  Lec (5)

Network and System Security Risk Assessment

An Introduction To ARP Spoofing & Other Attacks

Introduction to Information Security

LAN Vulnerabilities.

Chapter 5: Network Security and Monitoring

Man-in-the-Middle Attacks

Presentation transcript:

Network Vulnerabilities and Attacks Dr. John Abraham UTPA

Media Based Vulnerabilities Port mirroring Protocol sniffers Network tap –These can be used to monitor traffic at the same time can be used to steal information. False ceilings, easy access to add an RJ45 Exposed wiring Unused rj-45 jacks

How attacker can see traffic Switch flooding – then a switch acts like a hub Mac address impersonation Fake network redirect Router advertisements Fake device redirect (table 4-1 p.123)

Network Device vulnerabilities Weak passwords Default accounts Back doors Privilege escalation

Weak passwords Do not use names or single word –attackers can use dictionary. Change passwords as frequently as you can Keep passwords to include several words and numbers Do not use same password for all accounts Do not write down passwords

Default accounts User accounts on devices you buy These passwords are available on the internet

Back Doors Done by programmers or consultants Even backdoor passwords are installed in firmware.

Categories of Attacks Denial of Service – consume network resources. Example, continuous SYN Distributed denial of service (DDoS) Use hundreds of zombie computers. See figure 4-4 p.127. Spoofing-impersonation. Attacker may use IP address of a trusted source. Man-in-the-middle. Middle computer replaces messages going back and forth. Replay. Middle computer makes a copy of the message before sending it.

Methods of network attacks Protocol based Antiquated protocols-some equipment still support old protocols such as old SNMP DNS attacks-DNS poisoning. Altering IP addresses ARP poisoning – altering MAC address TCP/IP hijacking – Spoofed TCP packets.

Wireless Attacks Rogue Access Points – access points installed without sufficient security by unauthorized person who has access to wired LAN. WAR driving. Searching for wireless beaconing. Bluesnarfing – unauthorized access of information through bluetooth.